package com.hoku.config.security;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * 启用安全认证
 * @author ZHUFEIFEI
 */
@Configuration
public class SecurityConfig  extends WebSecurityConfigurerAdapter {

    @Value("${management.endpoints.web.base-path}")
    private String managementContextPath;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //
        http.csrf().disable();

        //所有健康检查相关的endpoints必须登陆
//        http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests()
//            .anyRequest().authenticated().and().httpBasic();
        //健康检查相关的允许直接访问
        http.authorizeRequests().antMatchers(managementContextPath+"/**")
                .permitAll();

        //所有请求必须登陆
        http.authorizeRequests().anyRequest().authenticated()
                .and()
                .httpBasic()
        ;
    }
}
